1. Field of Invention
The present invention relates to the technology of verifying data and more particularly to data-verifying technology fit for use in general information processing units designed to transmit or hold a large continuous number of data groups, such as, for example, a utilization history in security.
2. Description of Related Art
With the recent progress of digital information processing technology, all types of information is digitized. Additionally, with the idea of, for example, an information superhighway, the time has finally come when digital information can be distributed and circulated through networks. Various types of information can be circulated and distributed via Internet, telecommunications, personal computer or CD-ROM in the form of images, animation, voice, programs and the like, to say nothing of character information.
However, digital information in the form of characters, images, animation, voice, programs and the like is of no value unless that information is utilized. Furthermore, digital information is different from physical matter in that digital information is immaterial and easy to copy at low cost. Because digital information is easy to copy and easy to copy at low cost, restrictions have been imposed on the unauthorized copying of owned digital information. Unfortunately, however, the features that make using digital information attractive are, at times, governed by arbitrary rules.
In order to keep unauthorized users from copying and/or utilizing certain information, a system of making digital information utilizable only after decrypting the information can be used. Specifically, the digital information, as represented by programs, is encrypted so the digital information is freely distributable. Then, to utilize the digital information, a user pays for and receives a decrypting key to access the digital information. Alternatively, there has also been proposed a system of charging a payment for the utilization of information such as a software service system as disclosed in Japanese Patent Publication No. 95302/1994 and an apparatus for measuring the quantity of utilized information as disclosed in Japanese Patent Laid-Open No. 21276/1995.
With the aforementioned technologies, users do not have to buy, for example, software when the software, as represented by programs, is utilized over personal computers and workstations. Users are originally able to acquire the software free of charge or at a moderate price. The user is then charged in proportion to the quantity of the digital information that is utilized, for example, each time the software is used.
In order to correctly charge a user for the utilization of digital information, each individual user must be charged according to the duration and frequency of use. In some cases, the charges collected from an individual user must be distributed among several different information providers. Thus, each information provider must be paid in proportion to the length of time that that particular information providers' information was used. Consequently, a utilization history must be recorded and recovered accurately and safely.
Although a utilization meter that records a utilization history has been mentioned in Japanese Patent Laid-Open No. 21276/1995, no reference has been made of how to recover the utilization history actually recorded therein.
One method for recovering the utilization history has been proposed that does not use a recording device that is under the control of an information processing device or a user, such as, for example, a hard disk. In contrast, this method utilizes an independent safety device to store the utilization history. According to Japanese Patent Publication No. 95302/1994, for example, a utilization history can be written to an integrated circuit (IC) card.
In a chargeable information transmitting system according to Japanese Patent Laid-Open No. 25605/1991 and a chargeable information collecting system according to Japanese Patent Laid-Open No. 180762/19.94, chargeable information is recovered through networks.
One proposed method of recovering a utilization history that has been written to a safety device, such as, for example, an integrated circuit (IC) card, allows a authorized collector to collect the utilization history directly from the safety device via a network.
Under the current method of collecting the history through a network, however, no consideration has been given to the safety of the utilization history information. For example, the possibility of falsification of utilization history information as or before the utilization history information is transmitted or the possibility of transmission of dishonest utilization history information from any one of the users. Therefore, although this method is appropriate for in-house networks that can be relied upon to a certain degree, the method remains inappropriate, in view of safety, to networks open to the general public, such as, for example, the Internet. However, this method has been the only way for an authorized collector to safely recover the utilization history from an IC card in an apparatus.
With the recent development of encrypting technology, and the use of digital signature technology in particular, it is possible to solve the aforementioned problem. More specifically, a private key peculiar to a particular safety device is enclosed in the safety device and when a user retrieves data from the safety device, the user must provide a digital signature before retrieving the data. Thus, the utilization history data can be verified later by verifying the digital signature accompanying the data.
A technique of using RSA (Rivest-Shamir-Adleman) cryptosystem for digital signatures is widely known. However, signatures by means of RSA or any other digital signatures generally require a large quantity of calculations and a great deal of time per process. Therefore, a serious problem is posed when a signature has to be provided for continuous data in great quantities or when a computer with low calculating capability is used for processing signatures.
When the IC card is used as a safety device for recording the utilization history, the calculating capability of a central processing unit (CPU) mountable in the IC card is often rather low. Thus, a great deal of time is required when the CPU is used to carry out a large quantity of calculations. Unfortunately, increasing the calculating capability to raise the calculating speed is extremely costly.
Furthermore, because the data regarding the utilization history is usually relatively large, recording capacity becomes a problem when total data concerning the utilization history is recorded in a small device like an IC card.
The security of modern encryption technology including the RSA was originally based on the quantity of calculations and the length of the key used for a signature and cryptosystems is arranged so that it is increased as the capabilities of the computer increase. Consequently, this problem is not resolved by merely increasing the capabilities of a computer. The problem still awaits a solution since equipment can be used, such as, for example, a personal token, that is only capable of employing a computer whose processing performance is low in comparison to the highest performance that can be offered by the latest computer.